AOL and Yahoo instant messaging targeted again

By
Scarlet Pruitt, IDG News Service
| May 25, 2005

| IDG News Service

Share

TwitterFacebookLinkedInGoogle Plus

Yahoo and AOL instant messaging users have been warned of two new security threats.

The first is a worm targeting AOL's Instant Messenger (AIM) that could allow an attacker to gain control of a user's system. The other, a phishing scam propagated through Yahoo Messenger, which tries to lure users into revealing their Yahoo credentials.

The AOL worm sends the message "hehe i found this funny movie", encouraging users to click on a hyperlink that downloads malicious code to the user's desktop, according to an advisory released Monday by IMLogic. From there, the worm connects to a public IRC server and continues to spread through AIM messages.

While IMLogic rated the AIM worm as a "medium threat", a NetSec advisory warned that given the sophistication of new worms such as this, "it is a reasonable assumption that near-full system control may be possible".

The worm's spread appears to have slowed today however and there are now few reports of it still in the wild, according to Mikko Hypp"nen, director of antivirus research at F-Secure. Most major anti-virus companies have already updated their products to deal with the threat.

The Yahoo Messenger scam is one of a growing number of so-called phishing attacks. Users are sent a malicious URL which purports to lead to a website called "Star Games" - a clear attempted to capitalise on the hype surrounding the new Star Wars film.

Yahoo users are being warned to look out for the threat, and sysadmins are advised to use content filtering to guard against the scam, and to download the latest anti-virus updates.